The California Public Utilities Commission has failed to protect our privacy.
The Commissioners, on July 28, 2011, approved new regulations on security and privacy and the smart grid, after having vetted this matter in a formal proceeding that began way back in December of 2008.
These regulations were supposed to provide more protections than the voluntary privacy and security guidelines made by the National Institute of Standards and Technology (NIST guidelines fail to address gaps and risks).
The Division of Ratepayer Advocates, which is the independent consumer branch of the CPUC, says it’s disappointed that the California’s new privacy and security regulations don’t go far enough. They also have loopholes, because the new rules don’t apply to all utilities across California — only the big private investor utilities (including PG&E up north, Southern California Edison, and SDG&E in San Diego).
That means that municipal utilities like LADWP, Burbank Water & Power, and Glendale and Water & Power don’t have to abide by them. Great.
Then again, even at that, the regulations the CPUC adopted fall short, by putting business interests above consumer privacy.
“I support today’s decision because it adopts reasonable privacy and security rules and expands consumer and third-party access to electricity usage and pricing information,” said Commissioner Timothy Simon. “I hope this decision stimulates market interest in the data. I also hope the data is meaningful and provides useful information for customers.”
Really? And who do you think is going to ultimately profit or lose from selling all of our personal data? We the consumer or our utility that can sell it to the businesses that want it?
You can watch Thursday’s CPUC meeting here (it may take a few minutes to load): http://streaming.aanet.org/ramgen/cpuc/CPUC_OM072811-1.rm